From 7aea79dd93cfb61453766dbbb2e3fc0fbd317852 Mon Sep 17 00:00:00 2001 From: Teppei Fukuda Date: Thu, 29 Aug 2024 14:35:04 +0400 Subject: [PATCH] feat(report): export modified findings in JSON (#7383) Signed-off-by: knqyf263 --- docs/docs/configuration/filtering.md | 2 +- pkg/report/json.go | 11 +++++++++-- pkg/report/writer.go | 5 +++-- pkg/types/report.go | 4 ++-- 4 files changed, 15 insertions(+), 7 deletions(-) diff --git a/docs/docs/configuration/filtering.md b/docs/docs/configuration/filtering.md index 030813bd1bce..befcc54180ac 100644 --- a/docs/docs/configuration/filtering.md +++ b/docs/docs/configuration/filtering.md @@ -238,7 +238,7 @@ You can filter the results by To show the suppressed results, use the `--show-suppressed` flag. !!! note - This flag is currently available only in the table format. + It's exported as `ExperimentalModifiedFindings` in the JSON output. ```bash $ trivy image --vex debian11.csaf.vex --ignorefile .trivyignore.yaml --show-suppressed debian:11 diff --git a/pkg/report/json.go b/pkg/report/json.go index 8529b5274560..e51d524d6509 100644 --- a/pkg/report/json.go +++ b/pkg/report/json.go @@ -14,8 +14,9 @@ import ( // JSONWriter implements result Writer type JSONWriter struct { - Output io.Writer - ListAllPkgs bool + Output io.Writer + ListAllPkgs bool + ShowSuppressed bool } // Write writes the results in JSON format @@ -26,6 +27,12 @@ func (jw JSONWriter) Write(_ context.Context, report types.Report) error { report.Results[i].Packages = nil } } + if !jw.ShowSuppressed { + // Delete suppressed findings + for i := range report.Results { + report.Results[i].ModifiedFindings = nil + } + } report.Results = lo.Filter(report.Results, func(r types.Result, _ int) bool { return r.Target != "" || !r.IsEmpty() }) diff --git a/pkg/report/writer.go b/pkg/report/writer.go index 041c9acdfe8e..a5b7ae231599 100644 --- a/pkg/report/writer.go +++ b/pkg/report/writer.go @@ -56,8 +56,9 @@ func Write(ctx context.Context, report types.Report, option flag.Options) (err e } case types.FormatJSON: writer = &JSONWriter{ - Output: output, - ListAllPkgs: option.ListAllPkgs, + Output: output, + ListAllPkgs: option.ListAllPkgs, + ShowSuppressed: option.ShowSuppressed, } case types.FormatGitHub: writer = &github.Writer{ diff --git a/pkg/types/report.go b/pkg/types/report.go index 6937f8ce7960..af364c95a11d 100644 --- a/pkg/types/report.go +++ b/pkg/types/report.go @@ -120,8 +120,8 @@ type Result struct { // ModifiedFindings holds a list of findings that have been modified from their original state. // This can include vulnerabilities that have been marked as ignored, not affected, or have had - // their severity adjusted. It is currently available only in the table format. - ModifiedFindings []ModifiedFinding `json:"-"` + // their severity adjusted. It's still in an experimental stage and may change in the future. + ModifiedFindings []ModifiedFinding `json:"ExperimentalModifiedFindings,omitempty"` } func (r *Result) IsEmpty() bool {